With this release, the StealthINTERCEPT Windows Activity Connector for QRadar will supply QRadar with broader, deeper, more surgical visibility into the change and access events occurring within AD, Exchange, and File Systems than native log facilities can provide alone, making the industry's already leading SIEM platform even better.

"StealthINTERCEPT is more than just a sound investment for QRadar customers, for anyone running Microsoft technologies... it's a must have. By injecting our interception technology directly into the OS security layer, StealthINTERCEPT is able to feed discreet and critical Active Directory security events into QRadar in real-time; you just can't get this from native logs. And since Active Directory is the hub of security in the Microsoft world, you really need this integration to get the big picture; without it, you're missing half the picture," said Kevin Foisy, Chief Software Architect, STEALTHbits.

The QRadar/StealthINTERCEPT integration provides:

Real-time Interception - StealthINTERCEPT's kernel-level driver technology filters out the "noise", intercepting the critical events that matter most, while also reducing the application and system overhead that results from enabling native logging facilities.

Surgical Analysis and Control - StealthINTERCEPT's built-in analysis and filtration capabilities enables administrators to feed just the events they care most about into QRadar, limiting the amount of data QRadar needs to digest and correlate.

Early Detection - The feed QRadar receives from StealthINTERCEPT is provided in real-time, publishing and producing alerts via QRadar in just milliseconds from the time the event occurred.

Extended Monitoring Visibility - StealthINTERCEPT provides details about changes and access events that simply aren't available via native logs, such as who modified a Group Policy Object, from where, when, and what the change actually was.

Faster Remediation - Before and After value capture provides the full picture of what changed and what the previous value of the change was.

Enhanced Identification - Additional details of who made the change including IP Addresses enhances QRadar's correlation capabilities with other events occurring elsewhere in the environment.

StealthINTERCEPT is already the market visionary on Active Directory, Exchange, and File System security monitoring and protection. With the additional context StealthINTERCEPT feeds to QRadar, customers will obtain a whole new level of insight into security threats and how malicious insiders and outsiders are gaining access to sensitive data and more.

AVAILABILITYThe StealthINTERCEPT Windows Activity Connector for QRadar is now available worldwide.

ABOUT STEALTHbits Technologies STEALTHbits Technologies specializes in the management and security of unstructured data. STEALTHbits' solutions bridge the gap between Active Directory and unstructured data repositories, providing a previously unavailable view of how access is being granted and who has access to critical unstructured data resources like File Systems and SharePoint.

With this enhanced visibility, organizations of any size can efficiently and confidently: